A couple days ago, a virus was circulating called “Trojan.Gpcoder.E.” What was significant about this virus was that it always came from a trusted email source and the subject was related to invoicing. Most people are concerned with keeping their bills up-to-date and opened the email, thinking it was legit.

The reason why this virus is so bad is that it literally encrypts all your files. You can get them decrypted for any where from $500usd to $2000usd! Not small potatoes that’s for sure.

What can you do to prevent issues like this from affecting you?

1. Run reliable and reputable virus software. In our case we offer a managed virus solution from Symantec. It notifies us when you have a virus or if your software is not update.

2. Run reliable and reputable spam software. When this virus hit, it only took two hours for Barracuda to figure out the problem and start blocking these emails from coming in. It also allowed us to see whose accounts were sending these emails so we could call and warn them.

3. Backups! Sometimes with virus’ like these that spread so quickly, it’s hard to prevent an infected computer. However, be smart and minimize risk. Ensure you have reliable backups so that you are able to restore data and be back up and running in a few hours.

4. Sometimes being a little skeptical isn’t a bad thing. In the case of this virus, even though you received the email from a trusted person, if the content seems unusual, it’s probably not a good idea to open the attachment.

If you haven’t activated two-factor authentication on Dropbox yet, you may want to do so now, just in case you end up finding your credentials posted on the internet. A document posted on pastebin earlier contains 400 Dropbox usernames and passwords, which the poster claims are just a tiny fraction of a massive hack that compromises up to 7 million accounts. The poster has been asking for Bitcoin donations in exchange for more accounts, and by the looks of it, he got enough money, at least, to post another batch of log-in credentials within the same day. At the moment, it’s still unclear how the hacker(s) got a hold of the usernames and passwords, but the cloud service told Engadget that Dropbox itself has not been hacked.

Update: Dropbox again stated that it has not been hacked, this time in a blog post, and says security measures are in place to detect accounts compromised with log-in info stolen from other sites.

“These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts,” a spokesperson told us. “We’d previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well.” Still want to ensure your account’s safety anyway? Head over to the Dropbox’s detailed explanation on how to turn on two-step authentication. Hopefully, when you log in to do so, the service has also restored any file a recent bug might have deleted from your folder.